
 <!DOCTYPE HTML>
<html>
<head><meta name="generator" content="Hexo 3.9.0">
  <meta charset="UTF-8">
  
    <title>Kubernetes 1.8 DNS服务-自定义域DNS | Zong&#39;s blog</title>
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=3, minimum-scale=1">
    
    <meta name="author" content="Zong">
    
    <meta name="description" content="上一篇文章 记录了K8s的DNS服务kube-dns搭建的过程，其中简略提到了一点就是kube-dns可以配置特定的域使用特定的DNS服务做解析。相当于DNS中的NS记录，例如配置所有*.k8s.cn的解析都转发到169.169.0.3，下面是详细的配置。
搭建DNS我选择使用dnsmasq在k8s">
    
    
    
    
    
    <link rel="icon" href="/img/favicon.ico">
    
    
    <link rel="apple-touch-icon" href="/img/pacman.jpg">
    <link rel="apple-touch-icon-precomposed" href="/img/pacman.jpg">
    
    <link rel="stylesheet" href="/css/style.css">
</head>
</html>
  <body>
    <header>
      <div>
		
			<div id="imglogo">
				<a href="/"><img src="/img/logo.svg" alt="Zong&#39;s blog" title="Zong&#39;s blog"/></a>
			</div>
			
			<div id="textlogo">
				<h1 class="site-name"><a href="/" title="Zong&#39;s blog">Zong&#39;s blog</a></h1>
				<h2 class="blog-motto">日常积累，技术分享</h2>
			</div>
			<div class="navbar"><a class="navbutton navmobile" href="#" title="Menu">
			</a></div>
			<nav class="animated">
				<ul>
					<ul>
					 
						<li><a href="/">Home</a></li>
					
						<li><a href="/archives">Archives</a></li>
					
						<li><a href="/categories/运维">运维</a></li>
					
						<li><a href="/categories/容器架构">容器架构</a></li>
					
					<li>
					
					<form class="search" action="//baidu.com/s" method="get" accept-charset="utf-8">
						<label>Search</label>
						<input type="text" id="search" name="wd" autocomplete="off" maxlength="20" placeholder="Search" />
                        <input name=tn type=hidden value="bds">
                        <input name=cl type=hidden value="3">
                        <input name=ct type=hidden value="2097152">
						<input type="hidden" name="si" value="www.lstop.pub">
					</form>
					
					</li>
				</ul>
			</nav>			
</div>

    </header>
    <div id="container">
      <div id="main" class="post" itemscope itemprop="blogPost">
	<article itemprop="articleBody"> 
		<header class="article-info clearfix">
  <h1 itemprop="name">
    
      <a href="/2018/03/13/Kubernetes-1-8-DNS服务-自定义域DNS/" title="Kubernetes 1.8 DNS服务-自定义域DNS" itemprop="url">Kubernetes 1.8 DNS服务-自定义域DNS</a>
  </h1>
  <p class="article-author">By
    
      <a href="http://www.lstop.pub" title="Zong">Zong</a>
    </p>
  <p class="article-time">
    <time datetime="2018-03-13T02:55:59.000Z" itemprop="datePublished">2018-03-13</time>
    
  </p>
</header>

	<div class="article-content">
		
		
		<div id="toc" class="toc-article">
			<strong class="toc-title">Contents</strong>
		<ol class="toc"><li class="toc-item toc-level-1"><a class="toc-link" href="#搭建DNS"><span class="toc-number">1.</span> <span class="toc-text">搭建DNS</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#修改kube-dns"><span class="toc-number">2.</span> <span class="toc-text">修改kube-dns</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#测试"><span class="toc-number">3.</span> <span class="toc-text">测试</span></a></li></ol>
		</div>
		
		<p>上一篇文章 记录了K8s的DNS服务kube-dns搭建的过程，其中简略提到了一点就是kube-dns可以配置特定的域使用特定的DNS服务做解析。<br>相当于DNS中的NS记录，例如配置所有*.k8s.cn的解析都转发到169.169.0.3，下面是详细的配置。</p>
<h1 id="搭建DNS"><a href="#搭建DNS" class="headerlink" title="搭建DNS"></a>搭建DNS</h1><p>我选择使用dnsmasq在k8s中创建deploy，因为比较简单，在小型环境已经够用。我们使用ConfigMap写好dnsmasq的配置然后挂在pod上，DNS记录另外写一个文件。</p>
<blockquote>
<p>注意不要用addn-hosts的方式写记录，经过测试这种方式会出现大量 dnsmasq[17]: Maximum number of concurrent DNS queries reached (max: 150) 并且解析缓慢</p>
</blockquote>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br><span class="line">49</span><br><span class="line">50</span><br><span class="line">51</span><br><span class="line">52</span><br><span class="line">53</span><br><span class="line">54</span><br><span class="line">55</span><br><span class="line">56</span><br><span class="line">57</span><br><span class="line">58</span><br><span class="line">59</span><br><span class="line">60</span><br><span class="line">61</span><br><span class="line">62</span><br><span class="line">63</span><br><span class="line">64</span><br><span class="line">65</span><br><span class="line">66</span><br><span class="line">67</span><br><span class="line">68</span><br><span class="line">69</span><br><span class="line">70</span><br><span class="line">71</span><br><span class="line">72</span><br><span class="line">73</span><br><span class="line">74</span><br><span class="line">75</span><br><span class="line">76</span><br><span class="line">77</span><br><span class="line">78</span><br><span class="line">79</span><br><span class="line">80</span><br></pre></td><td class="code"><pre><span class="line">kind: ConfigMap</span><br><span class="line">apiVersion: v1</span><br><span class="line">metadata:</span><br><span class="line">  name: dnsmasq-cm</span><br><span class="line">data:</span><br><span class="line">  dnsmasqconf: |-</span><br><span class="line">    resolv-file=/etc/resolv.conf</span><br><span class="line">    strict-order</span><br><span class="line">    cache-size=1024</span><br><span class="line">    listen-address=0.0.0.0</span><br><span class="line">    interface=eth0</span><br><span class="line">    conf-dir=/etc/dnsmasq.d</span><br><span class="line">    log-queries</span><br><span class="line">  records: |-</span><br><span class="line">    address=/wx.k8s.cn/192.168.21.55</span><br><span class="line">    address=/wx1.k8s.cn/192.168.21.56</span><br><span class="line">    address=/wx3.k8s.cn/192.168.21.11</span><br><span class="line">---</span><br><span class="line">apiVersion: apps/v1beta1 # for versions before 1.8.0 use apps/v1beta1</span><br><span class="line">kind: Deployment</span><br><span class="line">metadata:</span><br><span class="line">  name: dnsmasq-dep</span><br><span class="line">  labels:</span><br><span class="line">    app: dnsmasq</span><br><span class="line">spec:</span><br><span class="line">  replicas: 1</span><br><span class="line">  selector:</span><br><span class="line">    matchLabels:</span><br><span class="line">      app: dnsmasq</span><br><span class="line">  template:</span><br><span class="line">    metadata:</span><br><span class="line">      labels:</span><br><span class="line">        app: dnsmasq</span><br><span class="line">    spec:</span><br><span class="line">      containers:</span><br><span class="line">      - name: dns</span><br><span class="line">        image: jpillora/dnsmasq </span><br><span class="line">        ports:</span><br><span class="line">        - containerPort: 53</span><br><span class="line">          protocol: TCP</span><br><span class="line">        - containerPort: 53</span><br><span class="line">          protocol: UDP</span><br><span class="line">        volumeMounts:</span><br><span class="line">        - mountPath: /etc/dnsmasq.conf</span><br><span class="line">          name: dnsconf</span><br><span class="line">          subPath: dnsmasq.conf</span><br><span class="line">        - mountPath: /etc/dnsmasq.d/records.conf</span><br><span class="line">          name: records</span><br><span class="line">          subPath: records.conf</span><br><span class="line">      volumes:</span><br><span class="line">      - name: dnsconf</span><br><span class="line">        configMap:</span><br><span class="line">          name: dnsmasq-cm</span><br><span class="line">          items:</span><br><span class="line">          - key: dnsmasqconf</span><br><span class="line">            path: dnsmasq.conf</span><br><span class="line">      - name: records</span><br><span class="line">        configMap:</span><br><span class="line">          name: dnsmasq-cm</span><br><span class="line">          items:</span><br><span class="line">          - key: records</span><br><span class="line">            path: records.conf</span><br><span class="line">---</span><br><span class="line">kind: Service</span><br><span class="line">apiVersion: v1</span><br><span class="line">metadata:</span><br><span class="line">  name: dns-node-k8s</span><br><span class="line">spec:</span><br><span class="line">  clusterIP: 169.169.0.3</span><br><span class="line">  selector:</span><br><span class="line">    app: dnsmasq</span><br><span class="line">  ports:</span><br><span class="line">  - name: dnstcp</span><br><span class="line">    protocol: TCP</span><br><span class="line">    port: 53</span><br><span class="line">    targetPort: 53</span><br><span class="line">  - name: dnsudp</span><br><span class="line">    protocol: UDP</span><br><span class="line">    port: 53</span><br><span class="line">    targetPort: 53</span><br></pre></td></tr></table></figure>

<p>创建好后应该可以使用nslookup测试一下</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">/ # nslookup wx1.k8s.cn 169.169.0.3</span><br><span class="line">Server:    169.169.0.3</span><br><span class="line">Address 1: 169.169.0.3 dns-node-k8s.default.svc.wx-dev.local</span><br><span class="line">Name:      wx1.k8s.cn</span><br><span class="line">Address 1: 192.168.21.56 bogon</span><br></pre></td></tr></table></figure>

<h1 id="修改kube-dns"><a href="#修改kube-dns" class="headerlink" title="修改kube-dns"></a>修改kube-dns</h1><p>可以直接edit ConfigMap文件</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br></pre></td><td class="code"><pre><span class="line">sudo kubectl edit cm -n kube-system kube-dns</span><br></pre></td></tr></table></figure>

<p>加上stubDomains内容后等待几分钟kube-dns会自动刷新。</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br></pre></td><td class="code"><pre><span class="line">apiVersion: v1</span><br><span class="line">data:</span><br><span class="line">  stubDomains: |</span><br><span class="line">    &#123;&quot;k8s.cn&quot;: [&quot;169.169.0.3&quot;]&#125;</span><br><span class="line">kind: ConfigMap</span><br><span class="line">metadata:</span><br><span class="line">  labels:</span><br><span class="line">    addonmanager.kubernetes.io/mode: EnsureExists</span><br><span class="line">  name: kube-dns</span><br><span class="line">  namespace: kube-system</span><br></pre></td></tr></table></figure>

<h1 id="测试"><a href="#测试" class="headerlink" title="测试"></a>测试</h1><p>直接使用nslookup测试，配置正确能解析出对应的ip</p>
<figure class="highlight plain"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br></pre></td><td class="code"><pre><span class="line">/ # nslookup wx3.k8s.cn</span><br><span class="line">Server:    169.169.0.2</span><br><span class="line">Address 1: 169.169.0.2 kube-dns.kube-system.svc.wx-dev.local</span><br><span class="line">Name:      wx3.k8s.cn</span><br><span class="line">Address 1: 192.168.21.11 bogon</span><br></pre></td></tr></table></figure>  
	</div>
		<footer class="article-footer clearfix">

  <div class="article-tags">
  
  <span></span> <a href="/tags/K8s/">K8s</a>
  </div>


<div class="article-categories">
  <span></span>
  <a class="article-category-link" href="/categories/容器架构/">容器架构</a>
</div>



<div class="article-share" id="share">

  <div data-url="http://www.lstop.pub/2018/03/13/Kubernetes-1-8-DNS服务-自定义域DNS/" data-title="Kubernetes 1.8 DNS服务-自定义域DNS | Zong&#39;s blog" data-tsina="" class="share clearfix">
  </div>

</div>
</footer>   	       
	</article>
	
<nav class="article-nav clearfix">
 
 <div class="prev" >
 <a href="/2018/05/02/Kubernetes高可用集群部署/" title="Kubernetes高可用集群部署">
  <strong>PREVIOUS:</strong><br/>
  <span>
  Kubernetes高可用集群部署</span>
</a>
</div>


<div class="next">
<a href="/2017/12/13/Kubernetes-1-8-集群网络/"  title="Kubernetes 1.8 集群网络">
 <strong>NEXT:</strong><br/> 
 <span>Kubernetes 1.8 集群网络
</span>
</a>
</div>

</nav>

	
</div>  
      <div class="openaside"><a class="navbutton" href="#" title="Show Sidebar"></a></div>

  <div id="toc" class="toc-aside">
  <strong class="toc-title">Contents</strong>
  <ol class="toc"><li class="toc-item toc-level-1"><a class="toc-link" href="#搭建DNS"><span class="toc-number">1.</span> <span class="toc-text">搭建DNS</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#修改kube-dns"><span class="toc-number">2.</span> <span class="toc-text">修改kube-dns</span></a></li><li class="toc-item toc-level-1"><a class="toc-link" href="#测试"><span class="toc-number">3.</span> <span class="toc-text">测试</span></a></li></ol>
  </div>

<div id="asidepart">
<div class="closeaside"><a class="closebutton" href="#" title="Hide Sidebar"></a></div>
<aside class="clearfix">

  
<div class="tagslist">
	<p class="asidetitle">Tags</p>
		<ul class="clearfix">
		
			<li><a href="/tags/Airtest/" title="Airtest">Airtest<sup>1</sup></a></li>
		
			<li><a href="/tags/DNS/" title="DNS">DNS<sup>1</sup></a></li>
		
			<li><a href="/tags/GitLab/" title="GitLab">GitLab<sup>1</sup></a></li>
		
			<li><a href="/tags/K8s/" title="K8s">K8s<sup>8</sup></a></li>
		
			<li><a href="/tags/Linux/" title="Linux">Linux<sup>1</sup></a></li>
		
			<li><a href="/tags/MongoDB/" title="MongoDB">MongoDB<sup>2</sup></a></li>
		
			<li><a href="/tags/OpenWrt/" title="OpenWrt">OpenWrt<sup>1</sup></a></li>
		
			<li><a href="/tags/Python/" title="Python">Python<sup>2</sup></a></li>
		
			<li><a href="/tags/RabbitMQ/" title="RabbitMQ">RabbitMQ<sup>1</sup></a></li>
		
			<li><a href="/tags/calico/" title="calico">calico<sup>1</sup></a></li>
		
			<li><a href="/tags/cdn/" title="cdn">cdn<sup>1</sup></a></li>
		
			<li><a href="/tags/docker/" title="docker">docker<sup>3</sup></a></li>
		
			<li><a href="/tags/docker-registry/" title="docker registry">docker registry<sup>1</sup></a></li>
		
			<li><a href="/tags/elasticsearch/" title="elasticsearch">elasticsearch<sup>3</sup></a></li>
		
			<li><a href="/tags/elk/" title="elk">elk<sup>3</sup></a></li>
		
			<li><a href="/tags/k8s/" title="k8s">k8s<sup>3</sup></a></li>
		
			<li><a href="/tags/kubernetes/" title="kubernetes">kubernetes<sup>1</sup></a></li>
		
			<li><a href="/tags/nginx/" title="nginx">nginx<sup>1</sup></a></li>
		
			<li><a href="/tags/python/" title="python">python<sup>1</sup></a></li>
		
			<li><a href="/tags/tomcat/" title="tomcat">tomcat<sup>1</sup></a></li>
		
		</ul>
</div>


  <div class="linkslist">
  <p class="asidetitle">Links</p>
    <ul>
      <li><a href="http://www.v2ex.com/?r=zong400" target="_blank" title="V2EX">V2EX</a></li>
      <li><a href="http://hexo.io" target="_blank" title="Hexo">Hexo</a></li>
	  <li><a href="https://promotion.aliyun.com/ntms/yunparter/invite.html?userCode=s0bh6uzq" target="_blank" title="阿里云">阿里云</a></li>
	  <li><a href="https://cloud.tencent.com/redirect.php?redirect=1014&cps_key=5bd9deb84d4d9f34b65fb934e12d03e3&from=console" target="_blank" title="腾讯云">腾讯云</a></li>
    </ul>
</div>


</aside>
</div>
    </div>
    <footer><div id="footer" >
	
	
	<div class="social-font" class="clearfix">
		
		
		
		
	</div>
		<p class="copyright">Hosted by <a href="https://pages.coding.me/" target="_blank" title="Coding Pages">Coding Pages</a></p>
		<p class="copyright">Powered by <a href="http://hexo.io" target="_blank" title="hexo">hexo</a> and Theme by <a href="https://github.com/wizicer/iceman" target="_blank" title="Iceman">Iceman</a> © 2020 
		
		<a href="http://www.lstop.pub" target="_blank" title="Zong">Zong</a>
		
		</p>
</div>
</footer>
    <script src="//cdn.staticfile.org/jquery/2.1.0/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){ 
  $('.navbar').click(function(){
    $('header nav').toggleClass('shownav');
  });
  var myWidth = 0;
  function getSize(){
    if( typeof( window.innerWidth ) == 'number' ) {
      myWidth = window.innerWidth;
    } else if( document.documentElement && document.documentElement.clientWidth) {
      myWidth = document.documentElement.clientWidth;
    };
  };
  var m = $('#main'),
      a = $('#asidepart'),
      c = $('.closeaside'),
      o = $('.openaside');
  $(window).resize(function(){
    getSize(); 
    if (myWidth >= 1024) {
      $('header nav').removeClass('shownav');
    }else
    {
      m.removeClass('moveMain');
      a.css('display', 'block').removeClass('fadeOut');
      o.css('display', 'none');
      
      $('#toc.toc-aside').css('display', 'none');
        
    }
  });
  c.click(function(){
    a.addClass('fadeOut').css('display', 'none');
    o.css('display', 'block').addClass('fadeIn');
    m.addClass('moveMain');
  });
  o.click(function(){
    o.css('display', 'none').removeClass('beforeFadeIn');
    a.css('display', 'block').removeClass('fadeOut').addClass('fadeIn');      
    m.removeClass('moveMain');
  });
  $(window).scroll(function(){
    o.css("top",Math.max(80,260-$(this).scrollTop()));
  });
});
</script>

<script type="text/javascript">
$(document).ready(function(){ 
  var ai = $('.article-content>iframe'),
      ae = $('.article-content>embed'),
      t  = $('#toc'),
      h  = $('article h2')
      ah = $('article h2'),
      ta = $('#toc.toc-aside'),
      o  = $('.openaside'),
      c  = $('.closeaside');
  if(ai.length>0){
    ai.wrap('<div class="video-container" />');
  };
  if(ae.length>0){
   ae.wrap('<div class="video-container" />');
  };
  if(ah.length==0){
    t.css('display','none');
  }else{
    c.click(function(){
      ta.css('display', 'block').addClass('fadeIn');
    });
    o.click(function(){
      ta.css('display', 'none');
    });
    $(window).scroll(function(){
      ta.css("top",Math.max(140,320-$(this).scrollTop()));
    });
  };
});
</script>


<script type="text/javascript">
$(document).ready(function(){ 
  var $this = $('.share'),
      url = $this.attr('data-url'),
      encodedUrl = encodeURIComponent(url),
      title = $this.attr('data-title'),
      tsina = $this.attr('data-tsina');
  var html = [
  '<a href="#" class="overlay" id="qrcode"></a>',
  '<div class="qrcode clearfix"><span>扫描二维码分享到微信朋友圈</span><a class="qrclose" href="#share"></a><strong>Loading...Please wait</strong><img id="qrcode-pic" data-src="http://s.jiathis.com/qrcode.php?url=' + encodedUrl + '"/></div>',
  '<a href="#textlogo" class="article-back-to-top" title="Top"></a>',
  '<a href="https://www.facebook.com/sharer.php?u=' + encodedUrl + '" class="article-share-facebook" target="_blank" title="Facebook"></a>',
  '<a href="#qrcode" class="article-share-qrcode" title="QRcode"></a>',
  '<a href="https://twitter.com/intent/tweet?url=' + encodedUrl + '" class="article-share-twitter" target="_blank" title="Twitter"></a>',
  '<a href="http://service.weibo.com/share/share.php?title='+title+'&url='+encodedUrl +'&ralateUid='+ tsina +'&searchPic=true&style=number' +'" class="article-share-weibo" target="_blank" title="Weibo"></a>',
  '<span title="Share to"></span>'
  ].join('');
  $this.append(html);
  $('.article-share-qrcode').click(function(){
    var imgSrc = $('#qrcode-pic').attr('data-src');
    $('#qrcode-pic').attr('src', imgSrc);
    $('#qrcode-pic').load(function(){
        $('.qrcode strong').text(' ');
    });
  });
});     
</script>









  </body>
</html>

